A Forum for Homeland Security Professionals

What Has Been Accomplished? – The National Infrastructure Protection Plan

2014 February 18

by Jason Nairn, CPP, CISSP

I am starting a new category on this blog entitled “What has been accomplished?” It is a question that I don’t believe we ask enough in the homeland security enterprise. In this series, I intend to ask homeland security leaders and professionals at all levels, as directly as possible, what has been accomplished via the various HLS programs. To kick off the new series, I asked a question that I have been wanting to ask since last year’s State of the Union when President Obama announced an update to the National Infrastructure Protection Plan (NIPP). That is, “How has the NIPP made us safer?” I was recently presented with the opportunity to ask the leadership of DHS’s Office of Infrastructure Protection.

DHS has been rolling out the updated NIPP and kicked off the roll-out with a national conference call. During the call they had a question and answer session. I queued up but was not able to ask my question during the live session. However, they accepted email follow-up questions and I sent in mine. I received a written response. Here is a verbatim copy of my email to DHS:

Thank you for the call this morning, and congratulations on the completion of the NIPP 2013 update.

As a practitioner and professor of homeland security, my question is:

What do you believe is the most significant accomplishment of the NIPP thus far, in the enhancement of our national security?

Thanks in advance.

I felt it was important, rather than to ask what has been accomplished and get any number of broad and nebulous responses, to ask for one significant accomplishment. I am not sure if that was a better plan or not. Here is the response:

Thank you for your interest in NIPP 2013.

The most significant accomplishment of the NIPP program thus far has arguably been the establishment of the critical infrastructure public-private partnership and its subsequent activities to secure and strengthen the resilience of critical infrastructure. The effort to reduce critical infrastructure risk has been a joint voluntary undertaking between critical infrastructure partners in all levels of government and the private sector. The critical infrastructure partnership is the primary mechanism for promoting and facilitating sector and cross-sector planning, coordination, collaboration, and information sharing to manage risks to critical infrastructure. A 2013 evaluation of the critical infrastructure partnership, conducted in response to Presidential Policy Directive 21, validated the current structure of the partnership at the national level and made recommendations to enhance and expand partnership activities at the regional and local levels.

I found this to be a very predictable, canned response, and one that makes little sense to me. The first sentence basically says “all the meetings we had and all the stuff we did is our most significant accomplishment”. Then they point out that the partnership “is the primary mechanism for facilitating sector and cross-sector planning, coordination, collaboration, and information sharing to manage risks”. I understand the value of public-private partnerships, but did any of these things actually get accomplished? I was hoping for tangible examples of risk reduction that are a direct result of the NIPP? Surely the mechanism for accomplishing the goals isn’t the goal. Is the greatest accomplishment of the NIPP the fact that the participants got to know each other? Perhaps that is an accomplishment, as I am acutely aware of the importance of personal networks. If so, is the NIPP and all of its associated complexity the best way to forge public-private partnerships? As I mentioned the response seems scripted, which I should have expected. But it raises more questions than it answers about the impact that the NIPP is having on our security.

What do you think? Leave a comment and let me know.

Share this:

Did you ever see the actual evaluation/report of the validation of the partnership model? I understand PPD-21 required DHS to conduct an evaluation of the existing partnership model. However, I have not been able to find the actual evaluation. This would be a nice resource considering no changes or streamlining efforts were made with the latest revision of the 2013 NIPP.